// For flags

CVE-2022-26034

 

Severity Score

9.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Improper authentication vulnerability in the communication protocol provided by AD (Automation Design) server of CENTUM VP R6.01.10 to R6.09.00, CENTUM VP Small R6.01.10 to R6.09.00, CENTUM VP Basic R6.01.10 to R6.09.00, and B/M9000 VP R8.01.01 to R8.03.01 allows an attacker to use the functions provided by AD server. This may lead to leakage or tampering of data managed by AD server.

Una vulnerabilidad de autenticación inapropiada en el protocolo de comunicación proporcionado por el servidor AD (Automation Design) de CENTUM VP versiones R6.01.10 a R6.09.00, CENTUM VP Small versiones R6.01.10 a R6.09.00, CENTUM VP Basic versiones R6.01.10 a R6.09.00, y B/M9000 VP versiones R8.01.01 a R8.03.01 permite a un atacante usar las funciones proporcionadas por el servidor AD. Esto puede conllevar a un filtrado o manipulación de los datos administrados por el servidor AD

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-04-01 CVE Reserved
  • 2022-04-15 CVE Published
  • 2024-08-03 CVE Updated
  • 2024-12-29 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-287: Improper Authentication
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Yokogawa
Search vendor "Yokogawa"
 B\/m9000 Vp
Search vendor "Yokogawa" for product "B\/m9000 Vp"
 >= r8.01.01 <= r8.03.01
Search vendor "Yokogawa" for product "B\/m9000 Vp" and version " >= r8.01.01 <= r8.03.01"
-
Affected
Yokogawa
Search vendor "Yokogawa"
 Centum Vp
Search vendor "Yokogawa" for product "Centum Vp"
 >= r6.01.10 <= r6.09.00
Search vendor "Yokogawa" for product "Centum Vp" and version " >= r6.01.10 <= r6.09.00"
-
Affected
Yokogawa
Search vendor "Yokogawa"
 Centum Vp
Search vendor "Yokogawa" for product "Centum Vp"
 >= r6.01.10 <= r06.09.00
Search vendor "Yokogawa" for product "Centum Vp" and version " >= r6.01.10 <= r06.09.00"
basic
Affected
Yokogawa
Search vendor "Yokogawa"
 Centum Vp
Search vendor "Yokogawa" for product "Centum Vp"
 >= r6.01.10 <= r6.09.00
Search vendor "Yokogawa" for product "Centum Vp" and version " >= r6.01.10 <= r6.09.00"
small
Affected